Over the course of this week, some printers have been printing out a strange message asking people to subscribe to PewDiePie's YouTube channel. The message appears to be the result of a simple exploit that allows printers to receive data over the internet, including print commands. A person with the online handle TheHackerGiraffe has claimed responsibility for the attack.

This is one of the reasons I believe that those that their equipment hacked when they have a firewall have bigger problems then getting that virus fixed. They have a firewall problem that allowed it to happen.

Years ago when we first started setting up machines on the network we had a tech and customer that insisted on using the local ISP to assign the IP of the device. Constant problems since after a few days the ISP would release and reassign IP's. Did not affect printing so much but it did scanning as there was no email or SMB back then. Only FTP and it went by IP. I finally showed them I could print and even get here files in the scans folder from the shop. That day they went and got a proper router for the day and separated themselves from the ISP.

This person is a verified professional.

Default passwords? It's not just printers. One of the first security sweeps we did found default passwords on almost every vendor-supplied piece of gear - HVAC modules and monitors, vendor-supplied PCs for monitoring, and even (vendor) Windows servers. (Honeywell, I'm looking at you.)

One of the rules we have as a department policy is "no default or vendor-assigned passwords." This caused some momentary friction with the copier-lease vendor who uses 12345678 for every password, but we triumphed.

This person is a verified professional.

One of the rules we have as a department policy is "no default or vendor-assigned passwords." This caused some momentary friction with the copier-lease vendor who uses 12345678 for every password, but we triumphed.

My previous employer exactly.

Every leased MFP in the district had 12345. It's astonishing that no student had taken advantage of this before I left. I'd changed the passwords in one building because of this and yes, that created a lot of tension with the lessor. I ended up losing that battle.

This person is a verified professional.

Default passwords? It's not just printers. One of the first security sweeps we did found default passwords on almost every vendor-supplied piece of gear - HVAC modules and monitors, vendor-supplied PCs for monitoring, and even (vendor) Windows servers. (Honeywell, I'm looking at you.)

One of the rules we have as a department policy is "no default or vendor-assigned passwords." This caused some momentary friction with the copier-lease vendor who uses 12345678 for every password, but we triumphed.

Default passwords? It's not just printers. One of the first security sweeps we did found default passwords on almost every vendor-supplied piece of gear - HVAC modules and monitors, vendor-supplied PCs for monitoring, and even (vendor) Windows servers. (Honeywell, I'm looking at you.)

One of the rules we have as a department policy is "no default or vendor-assigned passwords." This caused some momentary friction with the copier-lease vendor who uses 12345678 for every password, but we triumphed.

This is funny - I'm dealing with this with Canon right now. They requested that I set all the printers back to the default admin username/password. I kindly said no.

Default passwords? It's not just printers. One of the first security sweeps we did found default passwords on almost every vendor-supplied piece of gear - HVAC modules and monitors, vendor-supplied PCs for monitoring, and even (vendor) Windows servers. (Honeywell, I'm looking at you.)

One of the rules we have as a department policy is "no default or vendor-assigned passwords." This caused some momentary friction with the copier-lease vendor who uses 12345678 for every password, but we triumphed.

Really? They could not even be bothered to add 9 to the end.

OH - it is often so much worse - Often these systems limit you to 8 character passwords.

This person is a verified professional.

Man... he really missed a golden opportunity to print some pretty hilarious or obscene stuff and instead chose to ask people to subscribe to his favorite YouTuber's channel.... At first I was impressed but now I'm just sad.

This person is a verified professional.

KeePass (or the like) is your friend.... we use randomly generated passwords for all systems now, and have a shared KeePass file for things like printers or switches that our IT department is in charge of. Yes, it is inconvenient if you're constantly logging into devices across the enterprise, but hardly inconvenient enough to leave them as defaults. :-)

One of the rules we have as a department policy is "no default or vendor-assigned passwords." This caused some momentary friction with the copier-lease vendor who uses 12345678 for every password, but we triumphed.

My previous employer exactly.

Every leased MFP in the district had 12345. It's astonishing that no student had taken advantage of this before I left. I'd changed the passwords in one building because of this and yes, that created a lot of tension with the lessor. I ended up losing that battle.

This person is a verified professional.

Man... he really missed a golden opportunity to print some pretty hilarious or obscene stuff and instead chose to ask people to subscribe to his favorite YouTuber's channel.... At first I was impressed but now I'm just sad.

There's an on going rally to keep him #1 most subscribed channel on youtube as an Indian Media company is on his tail to take the title any moment,

This person is a verified professional.

This is the reason my printers are in a VLAN that can only be accessed by IT work stations and the print server.... As far as my printers know, there are 4 computers in the entire universe. Printers can't be trusted.